IN THE SPECIFICATION 
Please replace paragraph [0030] at page 21, prenumbered line 6, to page 22, 
prenumbered line 8, with the following rewritten paragraph: 

[0030] The mediating apparatus (S) 104 executes access authorization control of the 
VPN client unit (A) 101 by the SPKI scheme, and in the case of authorizing access, it 
searches the domain name server (DNS) 105 to obtain the IP address IPADDRESS_B 
assigned to the VPN gateway unit (B) 103 (step S3). Then the mediating a pparatus (S) 104 
refers to the access control (ACL) to obtain the private IP address IPADDRESS_C assigned 
to the communication unit (C) 111 connected to LAN 110 that is placed under the 
management of the VPN gateway unit (B) 103. Then the mediating apparatus (S) 104 
generates a common key KEYAB that is used for mutual authentication of the VPN client 
unit (A) 101 and the VPN gateway unit (B) 103. Then the mediating apparatus (S) 104 uses 
the public key PUBLICKEY A of the VPN client unit (A) 101 to encrypt the communication 
channel between the mediating apparatus (S) 104 and the VPN client unit (A) 101, and sends 
the IP addresses IPADDRESS_B and IPADDRESS_C and the common key KEY_AB to the 
VPN client unit (A) 101 over the encrypted communication channel (step S4). Then the 
mediating apparatus (S) 104 uses the public key PUBLICKEY B of the VPN gateway unit 
(B) 103 to encrypt the communication channel between the mediating apparatus (S) 104 and 
the VPN gateway unit (B) 103, and sends the IP address IPADDRESS_A and the common 
key KEY AB to the VPN gateway unit (B) 103 over the encrypted communication channel 
(step S5). Thus the VPN client unit (A) 101 and the VPN gateway unit (B) 103 are enabled 
to carry out communications between them with security by use of the common key 
KEY_AB. This embodiment uses the IPsec tunnel mode as a tunneling protocol between the 
VPN client units (A) 101 and the VPN gateway unit (B) 103, and the common key as 
information that is sent from the mediating apparatus (S) 104 to them for their mutual 
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authentication. Other protocols such as L2TP and PPTP may be used as the tunnel protocol, 
and the mutual authentication information may also be ID, a password, a common secret, an 
SPKI authorization certificate, or similar information of other means. 



3 



